Orange Business Services
Vigil@nce Vigil@nce Vigil@nce
analyzing computer vulnerabilities since 1999
  home presentation vulnerabilities documentation contact  
subscriber area subscriber area
free access free access
The Vigil@nce team watches vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.
recent vulnerabilities recent vulnerabilities
tracked products tracked products
RSS feed RSS feed
vulnerability

vulnerability CVE-2013-1164 CVE-2013-1165 CVE-2013-1166

Cisco IOS XE: denials of service

Synthesis of the vulnerability

An attacker can trigger several denials of service in Cisco IOS XE.
Impacted products: Cisco Catalyst, IOS XE, Cisco Router xx00 Series.
Severity: 3/4.
Creation date: 11/04/2013.
Identifiers: BID-59003, BID-59007, BID-59008, BID-59009, BID-59040, CERTA-2013-AVI-238, cisco-sa-20130410-asr1000, CSCtt11558, CSCtz23293, CSCtz97563, CSCub34945, CSCuc65609, CVE-2013-1164, CVE-2013-1165, CVE-2013-1166, CVE-2013-1167, CVE-2013-2779, VIGILANCE-VUL-12650.

Description of the vulnerability

Several vulnerabilities were announced in Cisco IOS XE.

An attacker can send a fragmented IPv6 Multicast packet, in order to trigger a denial of service. [severity:3/4; BID-59003, CSCtz97563, CVE-2013-1164]

An attacker can send a fragmented IPv6 MVPN packet, in order to trigger a denial of service. [severity:3/4; BID-59003, BID-59040, CSCub34945, CVE-2013-1164, CVE-2013-2779]

An attacker can send a L2TP packet, in order to trigger a denial of service. [severity:3/4; BID-59007, CSCtz23293, CVE-2013-1165]

An attacker can send a packet to a BDI bridge, in order to trigger a denial of service. [severity:3/4; BID-59008, CSCtt11558, CVE-2013-1167]

An attacker can send a SIP packet, in order to trigger a denial of service. [severity:3/4; BID-59009, CSCuc65609, CVE-2013-1166]

An attacker can therefore trigger several denials of service in Cisco IOS XE.
Complete Vigil@nce bulletin.... (free access)

Share this bulletin

Delicious Digg Facebook Google bookmarks LinkedIn Mail Reddit StumbleUpon Technorati Twitter 

Computer vulnerabilities tracking service

Vigil@nce provides a computer vulnerability watch. The Vigil@nce security watch publishes vulnerability bulletins about threats impacting the information system. The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system. The technology watch team tracks security threats targeting the computer system.



















Copyright 1999-2014 Vigil@nce. Vigil@nce is a service from Orange Business Services. Site map. Legal notice. Version française